diff --git a/api/peer_connection_interface.h b/api/peer_connection_interface.h index b1700ce818..9dca8f570c 100644 --- a/api/peer_connection_interface.h +++ b/api/peer_connection_interface.h @@ -427,12 +427,6 @@ class RTC_EXPORT PeerConnectionInterface : public rtc::RefCountInterface { // Use new combined audio/video bandwidth estimation? absl::optional combined_audio_video_bwe; - // TODO(bugs.webrtc.org/9891) - Move to crypto_options - // Can be used to disable DTLS-SRTP. This should never be done, but can be - // useful for testing purposes, for example in setting up a loopback call - // with a single PeerConnection. - absl::optional enable_dtls_srtp; - ///////////////////////////////////////////////// // The below fields are not part of the standard. ///////////////////////////////////////////////// diff --git a/examples/androidapp/src/org/appspot/apprtc/PeerConnectionClient.java b/examples/androidapp/src/org/appspot/apprtc/PeerConnectionClient.java index 2872d0bb80..2bc75ff617 100644 --- a/examples/androidapp/src/org/appspot/apprtc/PeerConnectionClient.java +++ b/examples/androidapp/src/org/appspot/apprtc/PeerConnectionClient.java @@ -442,6 +442,10 @@ private void createPeerConnectionFactoryInternal(PeerConnectionFactory.Options o decoderFactory = new SoftwareVideoDecoderFactory(); } + // Disable encryption for loopback calls. + if (peerConnectionParameters.loopback) { + options.disableEncryption = true; + } factory = PeerConnectionFactory.builder() .setOptions(options) .setAudioDeviceModule(adm) 
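Review bot: The added `options.disableEncryption = true;` in createPeerConnectionFactoryInternal is a broader switch than the `rtcConfig.enableDtlsSrtp = !peerConnectionParameters.loopback;` line this commit removes. It is set on the factory options rather than on one connection's RTCConfiguration, so presumably every PeerConnection built from this factory in a loopback session runs without media encryption. The comment should say that, for example `// Loopback only: turns off all media encryption for every connection created by this factory.` `options` appears to be the method parameter (the signature is truncated in the hunk header), so confirm that callers never pass null before it is dereferenced here. The method body starts and ends outside the hunk.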
@@ -600,8 +604,6 @@ private void createPeerConnectionInternal() { rtcConfig.continualGatheringPolicy = PeerConnection.ContinualGatheringPolicy.GATHER_CONTINUALLY; // Use ECDSA encryption. rtcConfig.keyType = PeerConnection.KeyType.ECDSA; - // Enable DTLS for normal calls and disable for loopback calls. - rtcConfig.enableDtlsSrtp = !peerConnectionParameters.loopback; rtcConfig.sdpSemantics = PeerConnection.SdpSemantics.UNIFIED_PLAN; peerConnection = factory.createPeerConnection(rtcConfig, pcObserver); diff --git a/examples/androidnativeapi/jni/android_call_client.cc b/examples/androidnativeapi/jni/android_call_client.cc index f38de24a3f..81782730db 100644 --- a/examples/androidnativeapi/jni/android_call_client.cc +++ b/examples/androidnativeapi/jni/android_call_client.cc @@ -177,8 +177,10 @@ void AndroidCallClient::CreatePeerConnection() { webrtc::MutexLock lock(&pc_mutex_); webrtc::PeerConnectionInterface::RTCConfiguration config; config.sdp_semantics = webrtc::SdpSemantics::kUnifiedPlan; - // DTLS SRTP has to be disabled for loopback to work. - config.enable_dtls_srtp = false; + // Encryption has to be disabled for loopback to work. + webrtc::PeerConnectionFactoryInterface::Options options; + options.disable_encryption = true; + pcf_->SetOptions(options); webrtc::PeerConnectionDependencies deps(pc_observer_.get()); pc_ = pcf_->CreatePeerConnectionOrError(config, std::move(deps)).MoveValue(); diff --git a/examples/objcnativeapi/objc/objc_call_client.mm b/examples/objcnativeapi/objc/objc_call_client.mm index 419203eb62..09d3d4afdd 100644 --- a/examples/objcnativeapi/objc/objc_call_client.mm +++ b/examples/objcnativeapi/objc/objc_call_client.mm 
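Review bot: In AndroidCallClient::CreatePeerConnection, `options.disable_encryption = true;` followed by `pcf_->SetOptions(options);` is never reverted, so the factory stays in no-encryption mode for any connection it creates later. The removed `config.enable_dtls_srtp = false;` affected only this one connection. The same three lines are added in examples/objcnativeapi/objc/objc_call_client.mm. Since example code tends to be copied, the comment should carry the caveat, e.g. `// Loopback demo only: disables all media encryption on the factory; do not reuse this factory for real calls.` `options` is also default-constructed, so any factory options set earlier would be replaced by defaults; whether any are set is not visible here. Both function bodies continue outside their hunks.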
@@ -141,8 +141,10 @@ webrtc::MutexLock lock(&pc_mutex_); webrtc::PeerConnectionInterface::RTCConfiguration config; config.sdp_semantics = webrtc::SdpSemantics::kUnifiedPlan; - // DTLS SRTP has to be disabled for loopback to work. - config.enable_dtls_srtp = false; + // Encryption has to be disabled for loopback to work. + webrtc::PeerConnectionFactoryInterface::Options options; + options.disable_encryption = true; + pcf_->SetOptions(options); webrtc::PeerConnectionDependencies pc_dependencies(pc_observer_.get()); pc_ = pcf_->CreatePeerConnectionOrError(config, std::move(pc_dependencies)).MoveValue(); RTC_LOG(LS_INFO) << "PeerConnection created: " << pc_; diff --git a/examples/peerconnection/client/conductor.cc b/examples/peerconnection/client/conductor.cc index 744c6b1826..d3b1d21a41 100644 --- a/examples/peerconnection/client/conductor.cc +++ b/examples/peerconnection/client/conductor.cc @@ -150,7 +150,7 @@ bool Conductor::InitializePeerConnection() { return false; } - if (!CreatePeerConnection(/*dtls=*/true)) { + if (!CreatePeerConnection()) { main_wnd_->MessageBox("Error", "CreatePeerConnection failed", true); DeletePeerConnection(); } 
@@ -165,23 +165,28 @@ bool Conductor::ReinitializePeerConnectionForLoopback() { std::vector> senders = peer_connection_->GetSenders(); peer_connection_ = nullptr; - if (CreatePeerConnection(/*dtls=*/false)) { + // Loopback is only possible if encryption is disabled. + webrtc::PeerConnectionFactoryInterface::Options options; + options.disable_encryption = true; + peer_connection_factory_->SetOptions(options); + if (CreatePeerConnection()) { for (const auto& sender : senders) { peer_connection_->AddTrack(sender->track(), sender->stream_ids()); } peer_connection_->CreateOffer( this, webrtc::PeerConnectionInterface::RTCOfferAnswerOptions()); } + options.disable_encryption = false; + peer_connection_factory_->SetOptions(options); return peer_connection_ != nullptr; } -bool Conductor::CreatePeerConnection(bool dtls) { +bool Conductor::CreatePeerConnection() { RTC_DCHECK(peer_connection_factory_); RTC_DCHECK(!peer_connection_); webrtc::PeerConnectionInterface::RTCConfiguration config; config.sdp_semantics = webrtc::SdpSemantics::kUnifiedPlan; - config.enable_dtls_srtp = dtls; webrtc::PeerConnectionInterface::IceServer server; server.uri = GetPeerConnectionString(); config.servers.push_back(server); diff --git a/examples/peerconnection/client/conductor.h b/examples/peerconnection/client/conductor.h index 332cd43d3a..80617d3cf4 100644 --- a/examples/peerconnection/client/conductor.h +++ b/examples/peerconnection/client/conductor.h @@ -54,7 +54,7 @@ class Conductor : public webrtc::PeerConnectionObserver, ~Conductor(); bool InitializePeerConnection(); bool ReinitializePeerConnectionForLoopback(); - bool CreatePeerConnection(bool dtls); + bool CreatePeerConnection(); void DeletePeerConnection(); void EnsureStreamingUI(); void AddTracks(); diff --git a/examples/unityplugin/simple_peer_connection.cc b/examples/unityplugin/simple_peer_connection.cc index c7e5185bdc..e1c9c406b6 100644 --- a/examples/unityplugin/simple_peer_connection.cc 
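Review bot: ReinitializePeerConnectionForLoopback flips the factory to `disable_encryption = true` and back to `false` around CreatePeerConnection() using a default-constructed `Options`. Both SetOptions calls therefore also reset every other factory option to its default. Any connection created from `peer_connection_factory_` between the two calls would come up unencrypted as well. Restoring the options the factory had before, rather than a fresh default object, would keep the plaintext window tied to this one call; whether the factory exposes its current options is not visible in this diff. At minimum add a comment such as `// Factory-wide setting: any PeerConnection created before the reset below is unencrypted.` CreatePeerConnectionWithoutDtls in pc/peer_connection_interface_unittest.cc uses the same set/create/reset sequence.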
+++ b/examples/unityplugin/simple_peer_connection.cc @@ -190,7 +190,6 @@ bool SimplePeerConnection::CreatePeerConnection(const char** turn_urls, webrtc::PeerConnectionInterface::IceServer stun_server; stun_server.uri = GetPeerConnectionString(); config_.servers.push_back(stun_server); - config_.enable_dtls_srtp = false; auto result = g_peer_connection_factory->CreatePeerConnectionOrError( config_, webrtc::PeerConnectionDependencies(this)); diff --git a/pc/peer_connection.cc b/pc/peer_connection.cc index 0ca18aaf35..1cb05a20a4 100644 --- a/pc/peer_connection.cc +++ b/pc/peer_connection.cc @@ -276,8 +276,8 @@ bool DtlsEnabled(const PeerConnectionInterface::RTCConfiguration& configuration, bool default_enabled = (dependencies.cert_generator || !configuration.certificates.empty()); - // The `configuration` can override the default value. - return configuration.enable_dtls_srtp.value_or(default_enabled); + RTC_DCHECK(default_enabled) << "Configuration error: No certs for DTLS"; + return default_enabled; } } // namespace @@ -300,7 +300,6 @@ bool PeerConnectionInterface::RTCConfiguration::operator==( bool enable_rtp_data_channel; absl::optional screencast_min_bitrate; absl::optional combined_audio_video_bwe; - absl::optional enable_dtls_srtp; TcpCandidatePolicy tcp_candidate_policy; CandidateNetworkPolicy candidate_network_policy; int audio_jitter_buffer_max_packets; @@ -368,7 +367,6 @@ bool PeerConnectionInterface::RTCConfiguration::operator==( disable_link_local_networks == o.disable_link_local_networks && screencast_min_bitrate == o.screencast_min_bitrate && combined_audio_video_bwe == o.combined_audio_video_bwe && - enable_dtls_srtp == o.enable_dtls_srtp && ice_candidate_pool_size == o.ice_candidate_pool_size && prune_turn_ports == o.prune_turn_ports && turn_port_prune_policy == o.turn_port_prune_policy && diff --git a/pc/peer_connection_crypto_unittest.cc b/pc/peer_connection_crypto_unittest.cc index 394203cb02..c0c328161a 100644 
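Review bot: `RTC_DCHECK(default_enabled)` in DtlsEnabled() is the only guard against a configuration without certificates, and DCHECKs are normally compiled out of release builds. There the function would quietly return false when neither `dependencies.cert_generator` nor `configuration.certificates` is supplied. What the caller does with a false result is outside this hunk, but with the explicit `enable_dtls_srtp` override removed, a silent non-DTLS path is no longer something an application can have requested. Consider reporting it in all builds, e.g. `if (!default_enabled) RTC_LOG(LS_ERROR) << "No certificates or cert generator: DTLS disabled";`, or failing connection creation instead. The function starts above the hunk.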
--- a/pc/peer_connection_crypto_unittest.cc +++ b/pc/peer_connection_crypto_unittest.cc @@ -181,7 +181,6 @@ SdpContentMutator RemoveDtlsFingerprint() { // no SDES cryptos. TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsEnabled) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto caller = CreatePeerConnectionWithAudioVideo(config); auto offer = caller->CreateOffer(); @@ -195,7 +194,6 @@ TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsEnabled) { } TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenDtlsEnabled) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto caller = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config); 
@@ -210,39 +208,6 @@ TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenDtlsEnabled) { answer->description())); } -// When DTLS is disabled, the SDP offer/answer should include SDES cryptos and -// should not have a DTLS fingerprint. -TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsDisabled) { - RTCConfiguration config; - config.enable_dtls_srtp.emplace(false); - auto caller = CreatePeerConnectionWithAudioVideo(config); - - auto offer = caller->CreateOffer(); - ASSERT_TRUE(offer); - - ASSERT_FALSE(offer->description()->contents().empty()); - EXPECT_TRUE(SdpContentsAll(HaveSdesCryptos(), offer->description())); - EXPECT_TRUE(SdpContentsNone(HaveDtlsFingerprint(), offer->description())); - EXPECT_TRUE(SdpContentsAll(HaveProtocol(cricket::kMediaProtocolSavpf), - offer->description())); -} -TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenDtlsDisabled) { - RTCConfiguration config; - config.enable_dtls_srtp.emplace(false); - auto caller = CreatePeerConnectionWithAudioVideo(config); - auto callee = CreatePeerConnectionWithAudioVideo(config); - - callee->SetRemoteDescription(caller->CreateOffer()); - auto answer = callee->CreateAnswer(); - ASSERT_TRUE(answer); - - ASSERT_FALSE(answer->description()->contents().empty()); - EXPECT_TRUE(SdpContentsAll(HaveSdesCryptos(), answer->description())); - EXPECT_TRUE(SdpContentsNone(HaveDtlsFingerprint(), answer->description())); - EXPECT_TRUE(SdpContentsAll(HaveProtocol(cricket::kMediaProtocolSavpf), - answer->description())); -} - // When encryption is disabled, the SDP offer/answer should have neither a DTLS // fingerprint nor any SDES crypto options. TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenEncryptionDisabled) { 
@@ -251,7 +216,6 @@ TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenEncryptionDisabled) { pc_factory_->SetOptions(options); RTCConfiguration config; - config.enable_dtls_srtp.emplace(false); auto caller = CreatePeerConnectionWithAudioVideo(config); auto offer = caller->CreateOffer(); @@ -269,7 +233,6 @@ TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenEncryptionDisabled) { pc_factory_->SetOptions(options); RTCConfiguration config; - config.enable_dtls_srtp.emplace(false); auto caller = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config); 
@@ -284,80 +247,12 @@ TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenEncryptionDisabled) { answer->description())); } -// CryptoOptions has been promoted to RTCConfiguration. As such if it is ever -// set in the configuration it should overrite the settings set in the factory. -TEST_P(PeerConnectionCryptoTest, RTCConfigurationCryptoOptionOverridesFactory) { - PeerConnectionFactoryInterface::Options options; - options.crypto_options.srtp.enable_gcm_crypto_suites = true; - pc_factory_->SetOptions(options); - - RTCConfiguration config; - config.enable_dtls_srtp.emplace(false); - CryptoOptions crypto_options; - crypto_options.srtp.enable_gcm_crypto_suites = false; - config.crypto_options = crypto_options; - auto caller = CreatePeerConnectionWithAudioVideo(config); - - auto offer = caller->CreateOffer(); - ASSERT_TRUE(offer); - - ASSERT_FALSE(offer->description()->contents().empty()); - // This should exist if GCM is enabled see CorrectCryptoInOfferWithSdesAndGcm - EXPECT_FALSE(SdpContentsAll(HaveSdesGcmCryptos(3), offer->description())); -} - -// When DTLS is disabled and GCM cipher suites are enabled, the SDP offer/answer -// should have the correct ciphers in the SDES crypto options. -// With GCM cipher suites enabled, there will be 3 cryptos in the offer and 1 -// in the answer. 
-TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWithSdesAndGcm) { - PeerConnectionFactoryInterface::Options options; - options.crypto_options.srtp.enable_gcm_crypto_suites = true; - pc_factory_->SetOptions(options); - - RTCConfiguration config; - config.enable_dtls_srtp.emplace(false); - auto caller = CreatePeerConnectionWithAudioVideo(config); - - auto offer = caller->CreateOffer(); - ASSERT_TRUE(offer); - - ASSERT_FALSE(offer->description()->contents().empty()); - EXPECT_TRUE(SdpContentsAll(HaveSdesGcmCryptos(3), offer->description())); -} - -TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWithSdesAndGcm) { - PeerConnectionFactoryInterface::Options options; - options.crypto_options.srtp.enable_gcm_crypto_suites = true; - pc_factory_->SetOptions(options); - - RTCConfiguration config; - config.enable_dtls_srtp.emplace(false); - auto caller = CreatePeerConnectionWithAudioVideo(config); - auto callee = CreatePeerConnectionWithAudioVideo(config); - - auto offer = caller->CreateOffer(); - for (cricket::ContentInfo& content : offer->description()->contents()) { - auto cryptos = content.media_description()->cryptos(); - cryptos.erase(cryptos.begin()); // Assumes that non-GCM is the default. - content.media_description()->set_cryptos(cryptos); - } - - callee->SetRemoteDescription(std::move(offer)); - auto answer = callee->CreateAnswer(); - ASSERT_TRUE(answer); - - ASSERT_FALSE(answer->description()->contents().empty()); - EXPECT_TRUE(SdpContentsAll(HaveSdesGcmCryptos(1), answer->description())); -} - TEST_P(PeerConnectionCryptoTest, CanSetSdesGcmRemoteOfferAndLocalAnswer) { PeerConnectionFactoryInterface::Options options; options.crypto_options.srtp.enable_gcm_crypto_suites = true; pc_factory_->SetOptions(options); RTCConfiguration config; - config.enable_dtls_srtp.emplace(false); auto caller = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config); 
@@ -368,69 +263,8 @@ TEST_P(PeerConnectionCryptoTest, CanSetSdesGcmRemoteOfferAndLocalAnswer) { auto answer = callee->CreateAnswer(); ASSERT_TRUE(answer); ASSERT_TRUE(callee->SetLocalDescription(std::move(answer))); -} - -// The following group tests that two PeerConnections can successfully exchange -// an offer/answer when DTLS is off and that they will refuse any offer/answer -// applied locally/remotely if it does not include SDES cryptos. -TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenSdesOn) { - RTCConfiguration config; - config.enable_dtls_srtp.emplace(false); - auto caller = CreatePeerConnectionWithAudioVideo(config); - auto callee = CreatePeerConnectionWithAudioVideo(config); - - auto offer = caller->CreateOfferAndSetAsLocal(); - ASSERT_TRUE(offer); - ASSERT_TRUE(callee->SetRemoteDescription(std::move(offer))); - - auto answer = callee->CreateAnswerAndSetAsLocal(); - ASSERT_TRUE(answer); - ASSERT_TRUE(caller->SetRemoteDescription(std::move(answer))); -} -TEST_P(PeerConnectionCryptoTest, FailToSetLocalOfferWithNoCryptosWhenSdesOn) { - RTCConfiguration config; - config.enable_dtls_srtp.emplace(false); - auto caller = CreatePeerConnectionWithAudioVideo(config); - - auto offer = caller->CreateOffer(); - SdpContentsForEach(RemoveSdesCryptos(), offer->description()); - - EXPECT_FALSE(caller->SetLocalDescription(std::move(offer))); -} -TEST_P(PeerConnectionCryptoTest, FailToSetRemoteOfferWithNoCryptosWhenSdesOn) { - RTCConfiguration config; - config.enable_dtls_srtp.emplace(false); - auto caller = CreatePeerConnectionWithAudioVideo(config); - auto callee = CreatePeerConnectionWithAudioVideo(config); - - auto offer = caller->CreateOffer(); - SdpContentsForEach(RemoveSdesCryptos(), offer->description()); - - EXPECT_FALSE(callee->SetRemoteDescription(std::move(offer))); -} -TEST_P(PeerConnectionCryptoTest, FailToSetLocalAnswerWithNoCryptosWhenSdesOn) { - RTCConfiguration config; - config.enable_dtls_srtp.emplace(false); - auto caller = 
CreatePeerConnectionWithAudioVideo(config); - auto callee = CreatePeerConnectionWithAudioVideo(config); - - callee->SetRemoteDescription(caller->CreateOfferAndSetAsLocal()); - auto answer = callee->CreateAnswer(); - SdpContentsForEach(RemoveSdesCryptos(), answer->description()); - - EXPECT_FALSE(callee->SetLocalDescription(std::move(answer))); -} -TEST_P(PeerConnectionCryptoTest, FailToSetRemoteAnswerWithNoCryptosWhenSdesOn) { - RTCConfiguration config; - config.enable_dtls_srtp.emplace(false); - auto caller = CreatePeerConnectionWithAudioVideo(config); - auto callee = CreatePeerConnectionWithAudioVideo(config); - - callee->SetRemoteDescription(caller->CreateOfferAndSetAsLocal()); - auto answer = callee->CreateAnswerAndSetAsLocal(); - SdpContentsForEach(RemoveSdesCryptos(), answer->description()); - - EXPECT_FALSE(caller->SetRemoteDescription(std::move(answer))); + // Note - this test doesn't verify that Gcm is present, just that it + // does not caue a failure. } // The following group tests that two PeerConnections can successfully exchange @@ -438,7 +272,6 @@ TEST_P(PeerConnectionCryptoTest, FailToSetRemoteAnswerWithNoCryptosWhenSdesOn) { // applied locally/remotely if it does not include a DTLS fingerprint. TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenDtlsOn) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto caller = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config); @@ -453,7 +286,6 @@ TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenDtlsOn) { TEST_P(PeerConnectionCryptoTest, FailToSetLocalOfferWithNoFingerprintWhenDtlsOn) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto caller = CreatePeerConnectionWithAudioVideo(config); auto offer = caller->CreateOffer(); 
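Review bot: CanSetSdesGcmRemoteOfferAndLocalAnswer keeps "Sdes" in its name, but with `config.enable_dtls_srtp.emplace(false);` removed it no longer selects SDES. The added comment also says the test does not check that GCM is actually negotiated. Together with the deleted CorrectCryptoInOfferWithSdesAndGcm and CorrectCryptoInAnswerWithSdesAndGcm tests, this leaves `enable_gcm_crypto_suites` without a positive assertion in the visible part of this file. Consider renaming the test (for example `CanSetGcmRemoteOfferAndLocalAnswer`) and adding a TODO for a DTLS-side check of the negotiated suite; the new comment also has a typo, `caue` for `cause`. The test body begins in the previous hunk.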
@@ -464,7 +296,6 @@ TEST_P(PeerConnectionCryptoTest, TEST_P(PeerConnectionCryptoTest, FailToSetRemoteOfferWithNoFingerprintWhenDtlsOn) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto caller = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config); @@ -476,7 +307,6 @@ TEST_P(PeerConnectionCryptoTest, TEST_P(PeerConnectionCryptoTest, FailToSetLocalAnswerWithNoFingerprintWhenDtlsOn) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto caller = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config); @@ -487,7 +317,6 @@ TEST_P(PeerConnectionCryptoTest, TEST_P(PeerConnectionCryptoTest, FailToSetRemoteAnswerWithNoFingerprintWhenDtlsOn) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto caller = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config); @@ -505,7 +334,6 @@ TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenNoEncryption) { pc_factory_->SetOptions(options); RTCConfiguration config; - config.enable_dtls_srtp.emplace(false); auto caller = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config); @@ -523,13 +351,11 @@ TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenNoEncryption) { TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenDtlsCertificateInConfig) { RTCConfiguration caller_config; - caller_config.enable_dtls_srtp.emplace(true); caller_config.certificates.push_back( FakeRTCCertificateGenerator::GenerateCertificate()); auto caller = CreatePeerConnectionWithAudioVideo(caller_config); RTCConfiguration callee_config; - callee_config.enable_dtls_srtp.emplace(true); callee_config.certificates.push_back( FakeRTCCertificateGenerator::GenerateCertificate()); auto callee = CreatePeerConnectionWithAudioVideo(callee_config); 
@@ -600,7 +426,6 @@ class PeerConnectionCryptoDtlsCertGenTest TEST_P(PeerConnectionCryptoDtlsCertGenTest, TestCertificateGeneration) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto owned_fake_certificate_generator = std::make_unique(); auto* fake_certificate_generator = owned_fake_certificate_generator.get(); @@ -724,7 +549,6 @@ TEST_P(PeerConnectionCryptoTest, SessionErrorIfFingerprintInvalid) { auto caller = CreatePeerConnectionWithAudioVideo(); RTCConfiguration callee_config; - callee_config.enable_dtls_srtp.emplace(true); callee_config.certificates.push_back(callee_certificate); auto callee = CreatePeerConnectionWithAudioVideo(callee_config); diff --git a/pc/peer_connection_data_channel_unittest.cc b/pc/peer_connection_data_channel_unittest.cc index 2544473536..5a6377b00d 100644 --- a/pc/peer_connection_data_channel_unittest.cc +++ b/pc/peer_connection_data_channel_unittest.cc @@ -280,15 +280,6 @@ TEST_P(PeerConnectionDataChannelTest, answer->description()->GetTransportInfoByName(data_content->name)); } -TEST_P(PeerConnectionDataChannelTest, - CreateDataChannelWithDtlsDisabledSucceeds) { - RTCConfiguration config; - config.enable_dtls_srtp.emplace(false); - auto caller = CreatePeerConnection(); - - EXPECT_TRUE(caller->pc()->CreateDataChannel("dc", nullptr)); -} - TEST_P(PeerConnectionDataChannelTest, SctpPortPropagatedFromSdpToTransport) { constexpr int kNewSendPort = 9998; constexpr int kNewRecvPort = 7775; diff --git a/pc/peer_connection_end_to_end_unittest.cc b/pc/peer_connection_end_to_end_unittest.cc index 4ef4c832bb..19e4be33ff 100644 --- a/pc/peer_connection_end_to_end_unittest.cc +++ b/pc/peer_connection_end_to_end_unittest.cc 
@@ -366,15 +366,6 @@ TEST_P(PeerConnectionEndToEndTest, Call) { WaitForCallEstablished(); } -TEST_P(PeerConnectionEndToEndTest, CallWithSdesKeyNegotiation) { - config_.enable_dtls_srtp = false; - CreatePcs(webrtc::CreateOpusAudioEncoderFactory(), - webrtc::CreateOpusAudioDecoderFactory()); - GetAndAddUserMedia(); - Negotiate(); - WaitForCallEstablished(); -} - TEST_P(PeerConnectionEndToEndTest, CallWithCustomCodec) { class IdLoggingAudioEncoderFactory : public webrtc::AudioEncoderFactory { public: diff --git a/pc/peer_connection_integrationtest.cc b/pc/peer_connection_integrationtest.cc index fc094161af..53aa63efd9 100644 --- a/pc/peer_connection_integrationtest.cc +++ b/pc/peer_connection_integrationtest.cc 
@@ -264,30 +264,6 @@ TEST_P(PeerConnectionIntegrationTest, EndToEndCallWithDtls) { webrtc::kEnumCounterKeyProtocolSdes)); } -// Uses SDES instead of DTLS for key agreement. -TEST_P(PeerConnectionIntegrationTest, EndToEndCallWithSdes) { - PeerConnectionInterface::RTCConfiguration sdes_config; - sdes_config.enable_dtls_srtp.emplace(false); - ASSERT_TRUE(CreatePeerConnectionWrappersWithConfig(sdes_config, sdes_config)); - ConnectFakeSignaling(); - - // Do normal offer/answer and wait for some frames to be received in each - // direction. - caller()->AddAudioVideoTracks(); - callee()->AddAudioVideoTracks(); - caller()->CreateAndSetAndSignalOffer(); - ASSERT_TRUE_WAIT(SignalingStateStable(), kDefaultTimeout); - MediaExpectations media_expectations; - media_expectations.ExpectBidirectionalAudioAndVideo(); - ASSERT_TRUE(ExpectNewFrames(media_expectations)); - EXPECT_METRIC_LE( - 2, webrtc::metrics::NumEvents("WebRTC.PeerConnection.KeyProtocol", - webrtc::kEnumCounterKeyProtocolSdes)); - EXPECT_METRIC_EQ( - 0, webrtc::metrics::NumEvents("WebRTC.PeerConnection.KeyProtocol", - webrtc::kEnumCounterKeyProtocolDtls)); -} - // Basic end-to-end test specifying the `enable_encrypted_rtp_header_extensions` // option to offer encrypted versions of all header extensions alongside the // unencrypted versions. diff --git a/pc/peer_connection_interface_unittest.cc b/pc/peer_connection_interface_unittest.cc index 2105c784a4..54522388a2 100644 --- a/pc/peer_connection_interface_unittest.cc +++ b/pc/peer_connection_interface_unittest.cc 
@@ -710,13 +710,16 @@ class PeerConnectionInterfaceBaseTest : public ::testing::Test { CreatePeerConnection(PeerConnectionInterface::RTCConfiguration()); } - // DTLS does not work in a loopback call, so is disabled for most of the + // DTLS does not work in a loopback call, so is disabled for many // tests in this file. void CreatePeerConnectionWithoutDtls() { RTCConfiguration config; - config.enable_dtls_srtp = false; - + PeerConnectionFactoryInterface::Options options; + options.disable_encryption = true; + pc_factory_->SetOptions(options); CreatePeerConnection(config); + options.disable_encryption = false; + pc_factory_->SetOptions(options); } void CreatePeerConnectionWithIceTransportsType( @@ -751,10 +754,10 @@ class PeerConnectionInterfaceBaseTest : public ::testing::Test { // false. std::unique_ptr cert_generator; - if (config.enable_dtls_srtp.value_or(true)) { - fake_certificate_generator_ = new FakeRTCCertificateGenerator(); - cert_generator.reset(fake_certificate_generator_); - } + // These won't be used if encryption is turned off, but that's harmless. + fake_certificate_generator_ = new FakeRTCCertificateGenerator(); + cert_generator.reset(fake_certificate_generator_); + RTCConfiguration modified_config = config; modified_config.sdp_semantics = sdp_semantics_; pc_ = pc_factory_->CreatePeerConnection( @@ -1903,7 +1906,6 @@ TEST_P(PeerConnectionInterfaceTest, GetRTCStatsBeforeAndAfterCalling) { // DataChannelInit configurations. TEST_P(PeerConnectionInterfaceTest, CreateSctpDataChannel) { RTCConfiguration rtc_config; - rtc_config.enable_dtls_srtp = true; CreatePeerConnection(rtc_config); webrtc::DataChannelInit config; 
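Review bot: CreatePeerConnectionWithoutDtls now turns off all encryption through `options.disable_encryption = true;`, not only DTLS. The helper name and the comment above it ("DTLS does not work in a loopback call, so is disabled for many tests") therefore understate what these tests run with. A reader checking which tests exercise an encrypted path would be misled. Suggested comment: `// Loopback calls need encryption off; this disables it factory-wide for the duration of CreatePeerConnection().` Renaming the helper would touch call sites outside this hunk, so it may be better as a follow-up.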
@@ -1939,7 +1941,6 @@ TEST_P(PeerConnectionInterfaceTest, CreateSctpDataChannel) { // and maxRetransmitTime by setting them to -1 to get what they want. TEST_P(PeerConnectionInterfaceTest, CreateSctpDataChannelWithMinusOne) { RTCConfiguration rtc_config; - rtc_config.enable_dtls_srtp = true; CreatePeerConnection(rtc_config); webrtc::DataChannelInit config; @@ -1955,7 +1956,6 @@ TEST_P(PeerConnectionInterfaceTest, CreateSctpDataChannelWithMinusOne) { TEST_P(PeerConnectionInterfaceTest, CreateSctpDataChannelShouldFailForInvalidConfig) { RTCConfiguration rtc_config; - rtc_config.enable_dtls_srtp = true; CreatePeerConnection(rtc_config); std::string label = "test"; @@ -1973,7 +1973,6 @@ TEST_P(PeerConnectionInterfaceTest, TEST_P(PeerConnectionInterfaceTest, CreateSctpDataChannelWithInvalidIdShouldFail) { RTCConfiguration rtc_config; - rtc_config.enable_dtls_srtp = true; CreatePeerConnection(rtc_config); webrtc::DataChannelInit config; @@ -2003,7 +2002,6 @@ TEST_P(PeerConnectionInterfaceTest, // Verifies that duplicated label is allowed for SCTP data channel. TEST_P(PeerConnectionInterfaceTest, SctpDuplicatedLabelAllowed) { RTCConfiguration rtc_config; - rtc_config.enable_dtls_srtp = true; CreatePeerConnection(rtc_config); std::string label = "test"; @@ -2051,7 +2049,6 @@ TEST_P(PeerConnectionInterfaceTest, DISABLED_TestRejectSctpDataChannelInAnswer) // the answer as a local description. TEST_P(PeerConnectionInterfaceTest, ReceiveFireFoxOffer) { RTCConfiguration rtc_config; - rtc_config.enable_dtls_srtp = true; CreatePeerConnection(rtc_config); AddAudioTrack("audio_label"); AddVideoTrack("video_label"); 
@@ -2085,7 +2082,6 @@ TEST_P(PeerConnectionInterfaceTest, ReceiveFireFoxOffer) { // and because it's non-standard. TEST_P(PeerConnectionInterfaceTest, DtlsSdesFallbackNotSupported) { RTCConfiguration rtc_config; - rtc_config.enable_dtls_srtp = true; CreatePeerConnection(rtc_config); // Wait for fake certificate to be generated. Previously, this is what caused // the "a=crypto" lines to be rejected. @@ -2129,7 +2125,6 @@ TEST_P(PeerConnectionInterfaceTest, ReceiveUpdatedAudioOfferWithBadCodecs) { // will have m-lines with a=recvonly. TEST_P(PeerConnectionInterfaceTest, CreateSubsequentRecvOnlyOffer) { RTCConfiguration rtc_config; - rtc_config.enable_dtls_srtp = true; CreatePeerConnection(rtc_config); CreateAndSetRemoteOffer(GetSdpStringWithStream1()); CreateAnswerAsLocalDescription(); @@ -2155,7 +2150,6 @@ TEST_P(PeerConnectionInterfaceTest, CreateSubsequentRecvOnlyOffer) { // false, the generated m-lines will be a=inactive. TEST_P(PeerConnectionInterfaceTest, CreateSubsequentInactiveOffer) { RTCConfiguration rtc_config; - rtc_config.enable_dtls_srtp = true; CreatePeerConnection(rtc_config); CreateAndSetRemoteOffer(GetSdpStringWithStream1()); CreateAnswerAsLocalDescription(); @@ -2508,7 +2502,6 @@ TEST_P(PeerConnectionInterfaceTest, CloseAndGetStats) { // signaled. TEST_P(PeerConnectionInterfaceTest, UpdateRemoteStreams) { RTCConfiguration config; - config.enable_dtls_srtp = true; CreatePeerConnection(config); CreateAndSetRemoteOffer(GetSdpStringWithStream1()); @@ -2534,7 +2527,6 @@ TEST_P(PeerConnectionInterfaceTest, UpdateRemoteStreams) { TEST_F(PeerConnectionInterfaceTestPlanB, AddRemoveTrackFromExistingRemoteMediaStream) { RTCConfiguration config; - config.enable_dtls_srtp = true; CreatePeerConnection(config); std::unique_ptr desc_ms1 = CreateSessionDescriptionAndReference(1, 1); 
@@ -2577,7 +2569,6 @@ TEST_F(PeerConnectionInterfaceTestPlanB, // that rejects the media content type. TEST_P(PeerConnectionInterfaceTest, RejectMediaContent) { RTCConfiguration config; - config.enable_dtls_srtp = true; CreatePeerConnection(config); // First create and set a remote offer, then reject its video content in our // answer. @@ -2626,7 +2617,6 @@ TEST_P(PeerConnectionInterfaceTest, RejectMediaContent) { // Don't run under Unified Plan since the stream API is not available. TEST_F(PeerConnectionInterfaceTestPlanB, RemoveTrackThenRejectMediaContent) { RTCConfiguration config; - config.enable_dtls_srtp = true; CreatePeerConnection(config); CreateAndSetRemoteOffer(GetSdpStringWithStream1()); MediaStreamInterface* remote_stream = observer_.remote_streams()->at(0); @@ -2652,7 +2642,6 @@ TEST_F(PeerConnectionInterfaceTestPlanB, RemoveTrackThenRejectMediaContent) { // See: https://code.google.com/p/webrtc/issues/detail?id=5054 TEST_P(PeerConnectionInterfaceTest, RecvonlyDescriptionDoesntCreateStream) { RTCConfiguration config; - config.enable_dtls_srtp = true; CreatePeerConnection(config); std::string recvonly_offer = GetSdpStringWithStream1(); @@ -2669,7 +2658,6 @@ TEST_P(PeerConnectionInterfaceTest, RecvonlyDescriptionDoesntCreateStream) { // Don't run under Unified Plan since this behavior is Plan B specific. TEST_F(PeerConnectionInterfaceTestPlanB, SdpWithoutMsidCreatesDefaultStream) { RTCConfiguration config; - config.enable_dtls_srtp = true; CreatePeerConnection(config); CreateAndSetRemoteOffer(kSdpStringWithoutStreamsAudioOnly); @@ -2698,7 +2686,6 @@ TEST_F(PeerConnectionInterfaceTestPlanB, SdpWithoutMsidCreatesDefaultStream) { TEST_F(PeerConnectionInterfaceTestPlanB, SendOnlySdpWithoutMsidCreatesDefaultStream) { RTCConfiguration config; - config.enable_dtls_srtp = true; CreatePeerConnection(config); CreateAndSetRemoteOffer(kSdpStringSendOnlyWithoutStreams); 
@@ -2715,7 +2702,6 @@ TEST_F(PeerConnectionInterfaceTestPlanB, // Don't run under Unified Plan since this behavior is Plan B specific. TEST_F(PeerConnectionInterfaceTestPlanB, RemoveAlreadyGoneRemoteStream) { RTCConfiguration config; - config.enable_dtls_srtp = true; CreatePeerConnection(config); CreateAndSetRemoteOffer(GetSdpStringWithStream1()); MediaStreamInterface* remote_stream = observer_.remote_streams()->at(0); @@ -2734,7 +2720,6 @@ TEST_F(PeerConnectionInterfaceTestPlanB, RemoveAlreadyGoneRemoteStream) { TEST_F(PeerConnectionInterfaceTestPlanB, SdpWithoutMsidAndStreamsCreatesDefaultStream) { RTCConfiguration config; - config.enable_dtls_srtp = true; CreatePeerConnection(config); CreateAndSetRemoteOffer(kSdpStringWithoutStreams); @@ -2749,7 +2734,6 @@ TEST_F(PeerConnectionInterfaceTestPlanB, // Don't run under Unified Plan since this behavior is Plan B specific. TEST_F(PeerConnectionInterfaceTestPlanB, SdpWithMsidDontCreatesDefaultStream) { RTCConfiguration config; - config.enable_dtls_srtp = true; CreatePeerConnection(config); CreateAndSetRemoteOffer(kSdpStringWithMsidWithoutStreams); EXPECT_EQ(0u, observer_.remote_streams()->count()); @@ -2762,7 +2746,6 @@ TEST_F(PeerConnectionInterfaceTestPlanB, SdpWithMsidDontCreatesDefaultStream) { TEST_F(PeerConnectionInterfaceTestPlanB, DefaultTracksNotDestroyedAndRecreated) { RTCConfiguration config; - config.enable_dtls_srtp = true; CreatePeerConnection(config); CreateAndSetRemoteOffer(kSdpStringWithoutStreamsAudioOnly); @@ -2783,7 +2766,6 @@ TEST_F(PeerConnectionInterfaceTestPlanB, // Don't run under Unified Plan since this behavior is Plan B specific. TEST_F(PeerConnectionInterfaceTestPlanB, VerifyDefaultStreamIsNotCreated) { RTCConfiguration config; - config.enable_dtls_srtp = true; CreatePeerConnection(config); CreateAndSetRemoteOffer(GetSdpStringWithStream1()); rtc::scoped_refptr reference(CreateStreamCollection(1, 1)); 
@@ -2799,7 +2781,6 @@ TEST_F(PeerConnectionInterfaceTestPlanB, VerifyDefaultStreamIsNotCreated) {
 TEST_F(PeerConnectionInterfaceTestPlanB, SdpWithMsidWithoutSsrcCreatesDefaultStream) {
 RTCConfiguration config;
- config.enable_dtls_srtp = true;
 CreatePeerConnection(config);
 std::string sdp_string = kSdpStringWithoutStreamsAudioOnly;
 // Add a=msid lines to simulate a Unified Plan endpoint that only
@@ -2822,7 +2803,6 @@ TEST_F(PeerConnectionInterfaceTestPlanB,
 TEST_F(PeerConnectionInterfaceTestPlanB, SdpWithEmptyMsidAndSsrcCreatesDefaultStreamId) {
 RTCConfiguration config;
- config.enable_dtls_srtp = true;
 CreatePeerConnection(config);
 // Add a a=msid line to the SDP. This is prioritized when parsing the SDP, so
 // the sender's stream ID will be interpreted as no stream IDs.
@@ -2860,7 +2840,6 @@ TEST_F(PeerConnectionInterfaceTestPlanB,
 // Don't run under Unified Plan since this behavior is Plan B specific.
 TEST_F(PeerConnectionInterfaceTestPlanB, LocalDescriptionChanged) {
 RTCConfiguration config;
- config.enable_dtls_srtp = true;
 CreatePeerConnection(config);
 // Create an offer with 1 stream with 2 tracks of each type.
@@ -2899,7 +2878,6 @@ TEST_F(PeerConnectionInterfaceTestPlanB, LocalDescriptionChanged) {
 TEST_F(PeerConnectionInterfaceTestPlanB, AddLocalStreamAfterLocalDescriptionChanged) {
 RTCConfiguration config;
- config.enable_dtls_srtp = true;
 CreatePeerConnection(config);
 rtc::scoped_refptr stream_collection =
@@ -2928,7 +2906,6 @@ TEST_F(PeerConnectionInterfaceTestPlanB,
 TEST_P(PeerConnectionInterfaceTest, ChangeSsrcOnTrackInLocalSessionDescription) {
 RTCConfiguration config;
- config.enable_dtls_srtp = true;
 CreatePeerConnection(config);
 AddAudioTrack(kAudioTracks[0]);
@@ -2981,7 +2958,6 @@ TEST_P(PeerConnectionInterfaceTest,
 TEST_F(PeerConnectionInterfaceTestPlanB, SignalSameTracksInSeparateMediaStream) {
 RTCConfiguration config;
- config.enable_dtls_srtp = true;
 CreatePeerConnection(config);
 rtc::scoped_refptr stream_collection =
@@ -3018,7 +2994,6 @@ TEST_F(PeerConnectionInterfaceTestPlanB,
 // This tests that PeerConnectionObserver::OnAddTrack is correctly called.
 TEST_P(PeerConnectionInterfaceTest, OnAddTrackCallback) {
 RTCConfiguration config;
- config.enable_dtls_srtp = true;
 CreatePeerConnection(config);
 CreateAndSetRemoteOffer(kSdpStringWithStream1AudioTrackOnly);
 EXPECT_EQ(observer_.num_added_tracks_, 1);
diff --git a/sdk/android/api/org/webrtc/PeerConnection.java b/sdk/android/api/org/webrtc/PeerConnection.java
index 67b551c262..7ad72c4eb4 100644
--- a/sdk/android/api/org/webrtc/PeerConnection.java
+++ b/sdk/android/api/org/webrtc/PeerConnection.java
@@ -527,7 +527,6 @@ public static class RTCConfiguration {
 public boolean suspendBelowMinBitrate;
 @Nullable public Integer screencastMinBitrate;
 @Nullable public Boolean combinedAudioVideoBwe;
- @Nullable public Boolean enableDtlsSrtp;
 // Use "Unknown" to represent no preference of adapter types, not the
 // preference of adapters of unknown types.
 public AdapterType networkPreference;
@@ -608,7 +607,6 @@ public RTCConfiguration(List iceServers) {
 suspendBelowMinBitrate = false;
 screencastMinBitrate = null;
 combinedAudioVideoBwe = null;
- enableDtlsSrtp = null;
 networkPreference = AdapterType.UNKNOWN;
 sdpSemantics = SdpSemantics.PLAN_B;
 activeResetSrtpParams = false;
@@ -800,12 +798,6 @@ Boolean getCombinedAudioVideoBwe() { return combinedAudioVideoBwe; } - @Nullable - @CalledByNative("RTCConfiguration") - Boolean getEnableDtlsSrtp() { - return enableDtlsSrtp; - } - @CalledByNative("RTCConfiguration") AdapterType getNetworkPreference() { return networkPreference;
diff --git a/sdk/android/instrumentationtests/src/org/webrtc/PeerConnectionEndToEndTest.java b/sdk/android/instrumentationtests/src/org/webrtc/PeerConnectionEndToEndTest.java
index cc09322f60..1281cbe137 100644
--- a/sdk/android/instrumentationtests/src/org/webrtc/PeerConnectionEndToEndTest.java
+++ b/sdk/android/instrumentationtests/src/org/webrtc/PeerConnectionEndToEndTest.java
@@ -677,7 +677,6 @@ public void testCompleteSession() throws Exception {
 .createIceServer());
 PeerConnection.RTCConfiguration rtcConfig = new PeerConnection.RTCConfiguration(iceServers);
- rtcConfig.enableDtlsSrtp = true;
 ObserverExpectations offeringExpectations = new ObserverExpectations("PCTest:offerer");
 PeerConnection offeringPC = factory.createPeerConnection(rtcConfig, offeringExpectations);
@@ -944,7 +943,6 @@ public void testDataChannelOnlySession() throws Exception {
 .createIceServer());
 PeerConnection.RTCConfiguration rtcConfig = new PeerConnection.RTCConfiguration(iceServers);
- rtcConfig.enableDtlsSrtp = true;
 ObserverExpectations offeringExpectations = new ObserverExpectations("PCTest:offerer");
 PeerConnection offeringPC = factory.createPeerConnection(rtcConfig, offeringExpectations);
@@ -1172,7 +1170,6 @@ public void testTrackRemovalAndAddition() throws Exception {
 PeerConnection.IceServer.builder("stun:stun.l.google.com:19302").createIceServer());
 PeerConnection.RTCConfiguration rtcConfig = new PeerConnection.RTCConfiguration(iceServers);
- rtcConfig.enableDtlsSrtp = true;
 ObserverExpectations offeringExpectations = new ObserverExpectations("PCTest:offerer");
 PeerConnection offeringPC = factory.createPeerConnection(rtcConfig, offeringExpectations);
diff --git a/sdk/android/src/jni/pc/peer_connection.cc b/sdk/android/src/jni/pc/peer_connection.cc
index 0b0d40838e..abd7ac7f45 100644
--- a/sdk/android/src/jni/pc/peer_connection.cc
+++ b/sdk/android/src/jni/pc/peer_connection.cc
@@ -263,8 +263,6 @@ void JavaToNativeRTCConfiguration(
 jni, Java_RTCConfiguration_getScreencastMinBitrate(jni, j_rtc_config));
 rtc_config->combined_audio_video_bwe = JavaToNativeOptionalBool( jni, Java_RTCConfiguration_getCombinedAudioVideoBwe(jni, j_rtc_config));
- rtc_config->enable_dtls_srtp = JavaToNativeOptionalBool(
- jni, Java_RTCConfiguration_getEnableDtlsSrtp(jni, j_rtc_config));
 rtc_config->network_preference = JavaToNativeNetworkPreference(jni, j_network_preference);
 rtc_config->sdp_semantics = JavaToNativeSdpSemantics(jni, j_sdp_semantics);
diff --git a/sdk/media_constraints.cc b/sdk/media_constraints.cc
index 2236f50a63..08bd9dc66c 100644
--- a/sdk/media_constraints.cc
+++ b/sdk/media_constraints.cc
@@ -117,7 +117,6 @@ const char MediaConstraints::kIceRestart[] = "IceRestart";
 const char MediaConstraints::kUseRtpMux[] = "googUseRtpMUX";
 // Below constraints should be used during PeerConnection construction.
- const char MediaConstraints::kEnableDtlsSrtp[] = "DtlsSrtpKeyAgreement";
 // Google-specific constraint keys.
 const char MediaConstraints::kEnableDscp[] = "googDscp";
 const char MediaConstraints::kEnableIPv6[] = "googIPv6";
@@ -176,8 +175,6 @@ void CopyConstraintsIntoRtcConfiguration(
 ConstraintToOptional(constraints, MediaConstraints::kCombinedAudioVideoBwe, &configuration->combined_audio_video_bwe);
- ConstraintToOptional(constraints, MediaConstraints::kEnableDtlsSrtp,
- &configuration->enable_dtls_srtp);
 }
 void CopyConstraintsIntoAudioOptions(const MediaConstraints* constraints,
diff --git a/sdk/media_constraints.h b/sdk/media_constraints.h
index 15cb363f7c..fd95a60235 100644
--- a/sdk/media_constraints.h
+++ b/sdk/media_constraints.h
@@ -83,8 +83,6 @@ class MediaConstraints {
 static const char kValueFalse[]; // false
 // PeerConnection constraint keys.
- // Temporary pseudo-constraints used to enable DTLS-SRTP
- static const char kEnableDtlsSrtp[]; // Enable DTLS-SRTP
 // Google-specific constraint keys.
 // Temporary pseudo-constraint for enabling DSCP through JS.
 static const char kEnableDscp[]; // googDscp
diff --git a/sdk/media_constraints_unittest.cc b/sdk/media_constraints_unittest.cc
index dab85eb971..478ba98a2d 100644
--- a/sdk/media_constraints_unittest.cc
+++ b/sdk/media_constraints_unittest.cc
@@ -25,7 +25,6 @@ bool Matches(const PeerConnectionInterface::RTCConfiguration& a,
 b.audio_jitter_buffer_max_packets && a.screencast_min_bitrate == b.screencast_min_bitrate && a.combined_audio_video_bwe == b.combined_audio_video_bwe &&
- a.enable_dtls_srtp == b.enable_dtls_srtp &&
 a.media_config == b.media_config;
 }
@@ -60,12 +59,9 @@ TEST(MediaConstraints, CopyConstraintsIntoRtcConfiguration) {
 // An empty set of constraints will not overwrite
 // values that are already present.
 configuration = old_configuration;
- configuration.enable_dtls_srtp = true;
 configuration.audio_jitter_buffer_max_packets = 34;
 CopyConstraintsIntoRtcConfiguration(&constraints_empty, &configuration);
 EXPECT_EQ(34, configuration.audio_jitter_buffer_max_packets);
- ASSERT_TRUE(configuration.enable_dtls_srtp);
- EXPECT_TRUE(*(configuration.enable_dtls_srtp));
 }
 } // namespace